1. Field of the Invention
This invention relates generally to a system and method providing an adaptive verification algorithm for resource constrained systems and, more particularly, to a system and method providing an adaptive verification algorithm for resource constrained systems that employ modes of verification based on a belief of message validity so as to balance cost/performance requirements with security requirements of the system.
2. Description of the Related Art
Authentication, the process of establishing something or someone as genuine or bona fide, is an integral part of any security system. In the context of information security, it is the data and its users that require authentication. Data authentication, or verification, mechanisms have been studied extensively in the past few decades, and as a result, a multitude of mechanisms now exist.
Cryptography forms the backbone of the majority of the authentication mechanisms. Perhaps the most well known cryptographic technique is asymmetric key cryptography. Each principal using this mechanism has a pair of keys, namely a private key and a public key. The private key is known only to the principal, whereas the public key can be shared with other entities in the system. To ensure message integrity, the sender of a message signs the message with his private key, and adds his signature to the message. Upon receiving the message, the recipient can verify the signature of the message using the sender's public key.
The public key infrastructure (PKI) system is based on asymmetric key cryptography. In a PKI system, the bona fide users of the system are issued certificates, i.e., documents confirming their public key, by a certifying authority. When communicating information, users sign their message content with their private key and attach this signature to the message along with their certificate. The receiver can establish the legitimacy of the sender by verifying the certificate and authenticity or integrity of the message content by verifying its signature.
In some cases, data can also be authenticated using context specific knowledge or consistency checks, for example, a real time kinetic (RTK) computation of raw GPS data can be used to authenticate location information and vehicle trajectory information, can be authenticated using physics-based models.
Authentication mechanisms come at a cost. Cryptographic operations are, in general, computationally intensive. Even some consistency checks may be computationally as demanding as cryptographic operations, if not more. In areas where information security is paramount, these are usually secondary concerns. This has been the case with the traditional application domain, such as banking and financial transactions. Newer application domains, such as industrial automation, wireless vehicular and sensor networks, on the other hand, are driven by performance and cost constraints. Thus, a cryptographic mechanism that can establish legitimacy of data in the face of attacks can render the whole exercise of deploying a sensor network futile since miniature sensors have limited computational power, and typically need to process and communicate data at a certain data rate to be of any utility. Similar constraints hold in vehicular network as well. This is not to say that security, or authentication in particular, is of secondary importance, but that it cannot be an after-thought for such systems.
There have been two approaches to address this problem. The first approach uses “lightweight” mechanisms to reduce computational and communication overheads. The second approach uses trust-based authentication, which explicitly establishes trust among two parties before their interaction begins. Regardless of the efficiency of a mechanism, the first approach fails to exploit the fact that verification mechanisms can be suited to a particular scenario, where if the sender is known to be bona fide or malicious there is no need for verification. Data can be accepted directly in the former case while discarded in the latter. Moreover, lightweight mechanisms may not provide all desirable security attributes. Trust-based mechanisms, on the other hand, may open up vulnerability if too much reliance is placed on the initial exchange disregarding the possibility of spoofing. These mechanisms are also usually difficult to implement in scenarios where communicating parties change with time, such as in a vehicular network, due to mobility, and/or where communication is not necessarily one-to-one, such as broadcasting in wireless person and vehicular networks.